Software designed to scan a computer system to determine whether it is in a good state must often make trade-offs between performance and thoroughness. Typically, the more thorough the scan, the longer it will take to perform and the more impact it will have on the system. Routine system scanning is generally expected to be fast and unobtrusive. Detecting sophisticated problems with a system, such as infection by a low-level rootkit malware program, however, may require deeper system checks that can negatively impact system performance.
Current solutions typically provide for only two levels of regularly scheduled system checking: a “quick scan” which minimizes impact to the system but is not thorough, and a “full scan” which is thorough but has significant impact.
There exists a need for a solution that is more effective at uncovering and alerting users to system issues than a typical quick scan without necessarily incurring the performance cost of a full scan.